* Check configuration for obsolete keys on startup
We now check the loaded configuration for obsolete keys (that have been moved to a new section) and throw an error if any are found, which will prevent eclair from starting.
When sending a payment, if a node on the route answers with an
`UPDATE`-type error, we update our routing table with the new
`channel_update` that is attached to the error message.
But additional routing info (provided by receiver in payment requests)
take precedence over whatever data is in the routing table. If one of
the nodes contained in the routing info replies with a newer
`channel_update`, we will indeed update our routing table, before
retrying, but then we will override it by the (untouched) assisted routes.
We know also update the assisted routes.
* SqliteNetworkDb: add failing test
If a txid starts with 0, it will be stored as NUMERIC, leading 0s will be stripped, and we won't be able to read it back as a ByteVector32
* Sqlite: use TEXT type for strings
* Check that creating a table that already exists with different column types is a NOOP
* Activate extended channel range queries
By default we now set the `gossip_queries_ex` feature bit.
We also change how we compare feature bits, and will use channel queries (or extended queries) only if the corresponding feature bit is set in both local and remote init messages.
We had 2 open PRs, one that added new tests using the 0.API, one that switched to 0.18.1, when they were merged the new tests failed since they had not been upgraded....
Our random funding key path is now 8 * 32 bits plus a 1' (funder) or 0' (fundee).
Channel key paths are computed from the sha256 of the funding public key (we take all 256 bits).
* Electrum wallet: improve coin selection (fixes#1146)
Our previous coin selection would sometimes fail when there was one wallet utxo and and low
feerate, because our first pass used a fee estimate that was too high and could sometimes not be met.
Our balance computation was slightly incorrect. If you want to know how much you can send (or receive), you need to take into account the fact that you'll add a new HTLC which adds weight to the commit tx (and thus adds fees).
* Fix funding pubkey to channel key path computation
Channel key path is generated from 8 bytes computed from our funding pubkey, but we extracted 4 uint32 values instead of 2 (last 2 were always 0). We now use 128 bits to derive channel key paths.
* Add a channel key path compatibility test
This test will fail if we change the way we compute channel key paths, which would break existing channels.
If the sender of an htlc isn't the funder, then both sides will have to afford the payment:
- the sender needs to be able to afford the htlc amount
- the funder needs to be able to afford the greater commit tx fee incurred by the additional htlc output.
Fixes#1081.
Co-Authored-By: Pierre-Marie Padiou <pm47@users.noreply.github.com>
* Derive channel keys from funding pubkey
We now generate a random funding key for each new channel, and use its public key to deterministically derive all channel keys and secrets. This will let us easily recover funds using DLP even if we've lost everything but our seed: we just need to connect to the node we had a channel with, ask them to publish their commit tx, and once we see it on the blockchain we can extract our funding pubkey, recompute channel keys and spend our output.
* Add rationale for new channel derivation scheme
* Add a "funding pubkey path" option to the channel version field
This option is checked when we need to compute channel keys. For old channels it won't be set, and we always set it for new ones.
* ChannelVersion: make sure that all bits are set to 0 for legacy channels
* ChannelVersion: USE_PUBKEY_KEYPATH is set by default
* Move recovery test out of OfflineStateSpec
* Handle feerate changes when OFFLINE, SYNCING
* Add 'close-on-offline-feerate-mismatch' configuration to avoid closing offline channel when the feerate mismatch if over the threshold.
* Unify payment events (no more duplication between payment types and events)
* Factorize DB and eventStream interactions: this paves the way for sub-payments that shouldn't be stored in the DB nor emit events.
* Add more fields to the payments DB:
* bolt 11 invoice for sent payment
* external id (for app developers)
* parent id (AMP)
* target node id
* fees
* route (if success)
* failures (if failed)
* Re-work the PaymentsDb interface
* Clarify use of seconds / milliseconds in DB interfaces -> milliseconds everywhere
* Run SQL migrations inside transactions
When a downstream node sends us an onion error with an invalid length, we must forward the failure.
The recipient won't be able to extract the error but at least it knows the payment failed.
We already have Java 7 (for Android) and Java 11. Supporting Java 8
would require crossbuilding, which we are not doing (two recent PRs
broke the build on Java 8).
There are two level of parallelization:
- between test suites (a suite = a test file)
- within a suite (depends on tests suites, some rely on sequential execution of tests, some don't)
Instead of hardcoding the channel version when we instantiate the
`Commitments` object, we rather define it when the channel is
instantiated. This is saner and prepares future usage.
Instead of satoshi, which could introduce rounding errors.
Also, we check first the balance before the max-inflight amount, because
it makes more sense in terms of error management.
Co-Authored-By: Bastien Teinturier <31281497+t-bast@users.noreply.github.com>
For now:
- we only track some tasks (especially in the router, but not even
`node_announcement` and `channel_update`
- all db calls are monitored
- kamon is disabled by default
* Add comments and fix warnings in graph processing
* Add small feature to set the htlcMaximumMsat for routing hints (otherwise the graph processing algorithm used a minimum value which slightly reduced the benefits of those routing hints)
* Add the computation of network statistics to the router: this will be useful for multi-part payments to decide what thresholds should be used to split a payment
This is now enabled by default.
We forward variable-length onions if we receive some.
We accept variable-length payments.
However for maximum compatibility with the network, we send payments using legacy payloads.
This allows us to choose smaller parameters for tests and reduce cpu
requirement during testing.
NB: The default value of 3500 for `reply_channel_range` was wrong. Theoretical max is ~2700.
It allowed probing attacks and the spec deprecated it in favor of IncorrectOrUnknownPaymentDetails.
Also add better support for unknown failure messages.
We must consider `nextRemoteCommit` when applicable.
This is a regression caused in #784. The core bug only exists when we
have a pending unacked `commit_sig`, but since we only send the
`AvailableBalanceChanged` event when sending a signature (not when
receiving a revocation), actors relying on this event to know the
current available balance (e.g. the `Relayer`) will have a wrong
value in-between two outgoing sigs.
Instead of using two separate maps (for channels and channel_updates), we now use a single map, which groups channel+channel_updates. This is also true for data storage, resulting in the removal of the channel_updates table.
